The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.
The Federal Trade Commission (FTC) has released an alert about how quickly criminals begin using your personal information once it is posted to a hacker site by an identity thief. FTC researchers found that it can take as few as 9 minutes for crooks to access stolen personal information posted to hacker sites. To prevent identity theft, a user should follow password security best practices, such as multi-factor authentication, which requires a user to simultaneously present multiple pieces of information to verify their identity.
US-CERT encourages users to refer to the FTC alert and the US-CERT Tips on Preventing and Responding to Identity Theft, Choosing and Protecting Passwords, and Supplementing Passwords for more information.
The Samba Team has released security updates that address a vulnerability in all versions of Samba from 3.5.0 onward. A remote attacker could exploit this vulnerability to take control of an affected system.
US-CERT encourages users and administrators to review Samba's Security Announcement and apply the necessary updates, or refer to their Linux or Unix-based OS vendors for appropriate patches.
The Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) has released a short overview of the WannaCry ransomware infections. This fact sheet provides information on how the WannaCry program spreads, what users should do if they have been infected, and how to protect against similar attacks in the future.
US-CERT encourages users and administrators to review the ICS-CERT Fact Sheet on WannaCry and the US-CERT Current Activity on the topic. For more technical details, please consult TA17-132A, Indicators Associated With WannaCry Ransomware.
Joomla! has released version 3.7.1 of its Content Management System (CMS) software to address a vulnerability. Exploitation of this vulnerability may allow a remote attacker to take control of an affected website.
Users and administrators are encouraged to review the Joomla! Security Release and US-CERT's Alert on Content Management Systems Security and Associated Risks and apply the necessary update.
Cisco has released updates to address vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.
US-CERT encourages users and administrators to review the following Cisco Security Advisories and apply the necessary updates:
- Cisco Prime Collaboration Provisioning Authentication Bypass Vulnerability cisco-sa-20170517-pcp1
- Cisco TelePresence IX5000 Series Directory Traversal Vulnerability cisco-sa-20170517-telepresence-ix5000
- Cisco Prime Collaboration Provisioning Information Disclosure Vulnerability cisco-sa-20170517-pcp2
- Cisco Policy Suite Privilege Escalation Vulnerability cisco-sa-20170517-cps
WordPress versions prior to 4.7.5 are affected by multiple vulnerabilities. A remote attacker could exploit some of these vulnerabilities to take control of an affected website.
Users and administrators are encouraged to review the WordPress Security Release and upgrade to WordPress 4.7.5.